diff options
author | Tim Kientzle <kientzle@acm.org> | 2016-08-21 17:31:49 -0700 |
---|---|---|
committer | Tim Kientzle <kientzle@acm.org> | 2016-08-21 17:31:49 -0700 |
commit | 299c6bf136b9bc328b498505f24f87e732b73ff6 (patch) | |
tree | 0fbf951a482448354dbef4db8aef793e5996227a /libarchive/archive_read_support_format_tar.c | |
parent | 1fa9c7bf90f0862036a99896b0501c381584451a (diff) | |
download | libarchive-299c6bf136b9bc328b498505f24f87e732b73ff6.tar.gz |
Issue #731: Reject tar entries >= INT64_MAX
Note that the code that parses file sizes returns INT64_MAX on
overflow.
Diffstat (limited to 'libarchive/archive_read_support_format_tar.c')
-rw-r--r-- | libarchive/archive_read_support_format_tar.c | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/libarchive/archive_read_support_format_tar.c b/libarchive/archive_read_support_format_tar.c index b0521a62..eb60e1a0 100644 --- a/libarchive/archive_read_support_format_tar.c +++ b/libarchive/archive_read_support_format_tar.c @@ -1128,8 +1128,15 @@ header_common(struct archive_read *a, struct tar *tar, if (tar->entry_bytes_remaining < 0) { tar->entry_bytes_remaining = 0; archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, - "Tar entry has negative size?"); - err = ARCHIVE_WARN; + "Tar entry has negative size"); + return (ARCHIVE_FATAL); + } + if (tar->entry_bytes_remaining == INT64_MAX) { + /* Note: tar_atol returns INT64_MAX on overflow */ + tar->entry_bytes_remaining = 0; + archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, + "Tar entry size overflow"); + return (ARCHIVE_FATAL); } tar->realsize = tar->entry_bytes_remaining; archive_entry_set_size(entry, tar->entry_bytes_remaining); |